Warning: Permanently added '[localhost]:4834' (ECDSA) to the list of known hosts.
2022/10/01 03:16:25 fuzzer started
2022/10/01 03:16:26 dialing manager at localhost:35095
syzkaller login: [ 40.610309] cgroup: Unknown subsys name 'net'
[ 40.724157] cgroup: Unknown subsys name 'rlimit'
2022/10/01 03:16:41 syscalls: 2215
2022/10/01 03:16:41 code coverage: enabled
2022/10/01 03:16:41 comparison tracing: enabled
2022/10/01 03:16:41 extra coverage: enabled
2022/10/01 03:16:41 setuid sandbox: enabled
2022/10/01 03:16:41 namespace sandbox: enabled
2022/10/01 03:16:41 Android sandbox: enabled
2022/10/01 03:16:41 fault injection: enabled
2022/10/01 03:16:41 leak checking: enabled
2022/10/01 03:16:41 net packet injection: enabled
2022/10/01 03:16:41 net device setup: enabled
2022/10/01 03:16:41 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
2022/10/01 03:16:41 devlink PCI setup: PCI device 0000:00:10.0 is not available
2022/10/01 03:16:41 USB emulation: enabled
2022/10/01 03:16:41 hci packet injection: enabled
2022/10/01 03:16:41 wifi device emulation: failed to parse kernel version (6.0.0-rc7-next-20220930)
2022/10/01 03:16:41 802.15.4 emulation: enabled
2022/10/01 03:16:41 fetching corpus: 0, signal 0/2000 (executing program)
2022/10/01 03:16:41 fetching corpus: 36, signal 17867/21463 (executing program)
2022/10/01 03:16:41 fetching corpus: 86, signal 32507/37396 (executing program)
2022/10/01 03:16:41 fetching corpus: 136, signal 43767/49783 (executing program)
2022/10/01 03:16:41 fetching corpus: 186, signal 50567/57662 (executing program)
2022/10/01 03:16:41 fetching corpus: 235, signal 56353/64445 (executing program)
2022/10/01 03:16:42 fetching corpus: 285, signal 62714/71646 (executing program)
2022/10/01 03:16:42 fetching corpus: 335, signal 65153/75110 (executing program)
2022/10/01 03:16:42 fetching corpus: 385, signal 69097/79888 (executing program)
2022/10/01 03:16:42 fetching corpus: 435, signal 73793/85211 (executing program)
2022/10/01 03:16:42 fetching corpus: 485, signal 77020/89169 (executing program)
2022/10/01 03:16:42 fetching corpus: 534, signal 79652/92576 (executing program)
2022/10/01 03:16:42 fetching corpus: 584, signal 82745/96302 (executing program)
2022/10/01 03:16:42 fetching corpus: 634, signal 85635/99759 (executing program)
2022/10/01 03:16:43 fetching corpus: 684, signal 88902/103528 (executing program)
2022/10/01 03:16:43 fetching corpus: 734, signal 89920/105331 (executing program)
2022/10/01 03:16:43 fetching corpus: 784, signal 91739/107721 (executing program)
2022/10/01 03:16:43 fetching corpus: 834, signal 94631/110921 (executing program)
2022/10/01 03:16:43 fetching corpus: 884, signal 97206/113859 (executing program)
2022/10/01 03:16:43 fetching corpus: 933, signal 99415/116388 (executing program)
2022/10/01 03:16:43 fetching corpus: 983, signal 100430/117985 (executing program)
2022/10/01 03:16:43 fetching corpus: 1033, signal 103295/120904 (executing program)
2022/10/01 03:16:44 fetching corpus: 1083, signal 106028/123674 (executing program)
2022/10/01 03:16:44 fetching corpus: 1133, signal 108207/125991 (executing program)
2022/10/01 03:16:44 fetching corpus: 1183, signal 110688/128519 (executing program)
2022/10/01 03:16:44 fetching corpus: 1233, signal 113757/131386 (executing program)
2022/10/01 03:16:44 fetching corpus: 1283, signal 115428/133267 (executing program)
2022/10/01 03:16:44 fetching corpus: 1332, signal 117575/135390 (executing program)
2022/10/01 03:16:44 fetching corpus: 1382, signal 119256/137141 (executing program)
2022/10/01 03:16:45 fetching corpus: 1432, signal 121805/139416 (executing program)
2022/10/01 03:16:45 fetching corpus: 1482, signal 123362/140993 (executing program)
2022/10/01 03:16:45 fetching corpus: 1532, signal 124293/142120 (executing program)
2022/10/01 03:16:45 fetching corpus: 1582, signal 125745/143543 (executing program)
2022/10/01 03:16:45 fetching corpus: 1632, signal 126479/144528 (executing program)
2022/10/01 03:16:45 fetching corpus: 1682, signal 127305/145586 (executing program)
2022/10/01 03:16:45 fetching corpus: 1732, signal 128209/146599 (executing program)
2022/10/01 03:16:45 fetching corpus: 1782, signal 129851/148110 (executing program)
2022/10/01 03:16:45 fetching corpus: 1832, signal 131291/149407 (executing program)
2022/10/01 03:16:46 fetching corpus: 1881, signal 132191/150428 (executing program)
2022/10/01 03:16:46 fetching corpus: 1931, signal 133823/151784 (executing program)
2022/10/01 03:16:46 fetching corpus: 1981, signal 134935/152823 (executing program)
2022/10/01 03:16:46 fetching corpus: 2031, signal 136160/153877 (executing program)
2022/10/01 03:16:46 fetching corpus: 2081, signal 136912/154687 (executing program)
2022/10/01 03:16:46 fetching corpus: 2131, signal 138232/155719 (executing program)
2022/10/01 03:16:46 fetching corpus: 2181, signal 139052/156491 (executing program)
2022/10/01 03:16:46 fetching corpus: 2231, signal 140015/157307 (executing program)
2022/10/01 03:16:46 fetching corpus: 2281, signal 141155/158185 (executing program)
2022/10/01 03:16:47 fetching corpus: 2331, signal 142165/158986 (executing program)
2022/10/01 03:16:47 fetching corpus: 2381, signal 143186/159765 (executing program)
2022/10/01 03:16:47 fetching corpus: 2431, signal 144068/160450 (executing program)
2022/10/01 03:16:47 fetching corpus: 2481, signal 144719/161031 (executing program)
2022/10/01 03:16:47 fetching corpus: 2531, signal 145234/161547 (executing program)
2022/10/01 03:16:47 fetching corpus: 2581, signal 145877/162102 (executing program)
2022/10/01 03:16:47 fetching corpus: 2631, signal 146666/162689 (executing program)
2022/10/01 03:16:47 fetching corpus: 2681, signal 147388/163233 (executing program)
2022/10/01 03:16:47 fetching corpus: 2731, signal 148858/164112 (executing program)
2022/10/01 03:16:48 fetching corpus: 2781, signal 150099/164763 (executing program)
2022/10/01 03:16:48 fetching corpus: 2830, signal 151484/165494 (executing program)
2022/10/01 03:16:48 fetching corpus: 2880, signal 152348/166006 (executing program)
2022/10/01 03:16:48 fetching corpus: 2930, signal 154184/166786 (executing program)
2022/10/01 03:16:48 fetching corpus: 2980, signal 155048/167272 (executing program)
2022/10/01 03:16:48 fetching corpus: 3030, signal 155501/167571 (executing program)
2022/10/01 03:16:48 fetching corpus: 3080, signal 156268/167946 (executing program)
2022/10/01 03:16:48 fetching corpus: 3130, signal 156649/168225 (executing program)
2022/10/01 03:16:49 fetching corpus: 3180, signal 157663/168657 (executing program)
2022/10/01 03:16:49 fetching corpus: 3230, signal 159472/169250 (executing program)
2022/10/01 03:16:49 fetching corpus: 3280, signal 160497/169591 (executing program)
2022/10/01 03:16:49 fetching corpus: 3330, signal 161456/170006 (executing program)
2022/10/01 03:16:49 fetching corpus: 3380, signal 162094/170257 (executing program)
2022/10/01 03:16:49 fetching corpus: 3430, signal 163206/170571 (executing program)
2022/10/01 03:16:49 fetching corpus: 3480, signal 164420/170872 (executing program)
2022/10/01 03:16:49 fetching corpus: 3530, signal 165359/171196 (executing program)
2022/10/01 03:16:50 fetching corpus: 3580, signal 166056/171454 (executing program)
2022/10/01 03:16:50 fetching corpus: 3630, signal 166441/171561 (executing program)
2022/10/01 03:16:50 fetching corpus: 3680, signal 166811/171675 (executing program)
2022/10/01 03:16:50 fetching corpus: 3730, signal 167417/171793 (executing program)
2022/10/01 03:16:50 fetching corpus: 3780, signal 168168/171959 (executing program)
2022/10/01 03:16:50 fetching corpus: 3830, signal 168687/172158 (executing program)
2022/10/01 03:16:50 fetching corpus: 3835, signal 168725/172212 (executing program)
2022/10/01 03:16:50 fetching corpus: 3835, signal 168725/172254 (executing program)
2022/10/01 03:16:50 fetching corpus: 3835, signal 168725/172295 (executing program)
2022/10/01 03:16:50 fetching corpus: 3835, signal 168725/172334 (executing program)
2022/10/01 03:16:50 fetching corpus: 3835, signal 168725/172368 (executing program)
2022/10/01 03:16:50 fetching corpus: 3835, signal 168725/172404 (executing program)
2022/10/01 03:16:50 fetching corpus: 3835, signal 168725/172404 (executing program)
2022/10/01 03:16:53 starting 8 fuzzer processes
03:16:53 executing program 0:
prctl$PR_SET_MM(0x23, 0xb, &(0x7f0000003000/0x4000)=nil)

03:16:53 executing program 1:
linkat(0xffffffffffffffff, &(0x7f0000000b00)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000b80)='./file0/file0\x00', 0x0)

03:16:53 executing program 2:
r0 = eventfd2(0x0, 0x0)
write(r0, &(0x7f0000001300)="ffffffffffffffff", 0x8)

03:16:53 executing program 3:
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

03:16:53 executing program 4:
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCGSOFTCAR(r0, 0x5423, &(0x7f0000000040))

03:16:53 executing program 5:
socket$packet(0x11, 0x3, 0x300)

[ 67.917563] audit: type=1400 audit(1664594213.450:6): avc: denied { execmem } for pid=283 comm="syz-executor.0" scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=process permissive=1
03:16:53 executing program 6:
r0 = perf_event_open$cgroup(&(0x7f00000000c0)={0x2, 0x80, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close_range(r0, 0xffffffffffffffff, 0x4)

03:16:53 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_ASSOCIATE_RESP(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000b80)={0x14}, 0x14}}, 0x0)

[ 69.203305] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 69.205373] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 69.206894] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 69.209942] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 69.211881] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 69.213210] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 69.217863] Bluetooth: hci0: HCI_REQ-0x0c1a
[ 69.262301] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 69.263870] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 69.273675] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 69.274958] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 69.276193] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 69.276673] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 69.281916] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 69.283298] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 69.284741] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 69.286087] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 69.287618] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 69.289234] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 69.292995] Bluetooth: hci2: HCI_REQ-0x0c1a
[ 69.301748] Bluetooth: hci1: HCI_REQ-0x0c1a
[ 69.317220] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 69.320676] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 69.322112] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 69.324865] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 69.326676] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 69.332157] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 69.336854] Bluetooth: hci3: HCI_REQ-0x0c1a
[ 69.343730] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 69.345502] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 69.347628] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 69.350138] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 69.352397] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 69.353713] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 69.360683] Bluetooth: hci6: HCI_REQ-0x0c1a
[ 69.456374] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 69.467184] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 69.469167] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 69.472372] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 69.474194] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 69.481807] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 69.494600] Bluetooth: hci4: HCI_REQ-0x0c1a
[ 71.293178] Bluetooth: hci0: command 0x0409 tx timeout
[ 71.355539] Bluetooth: hci7: Opcode 0x c03 failed: -110
[ 71.355608] Bluetooth: hci1: command 0x0409 tx timeout
[ 71.356843] Bluetooth: hci2: command 0x0409 tx timeout
[ 71.358142] Bluetooth: hci5: Opcode 0x c03 failed: -110
[ 71.419540] Bluetooth: hci6: command 0x0409 tx timeout
[ 71.419567] Bluetooth: hci3: command 0x0409 tx timeout
[ 71.547689] Bluetooth: hci4: command 0x0409 tx timeout
[ 73.340596] Bluetooth: hci0: command 0x041b tx timeout
[ 73.403569] Bluetooth: hci1: command 0x041b tx timeout
[ 73.403596] Bluetooth: hci2: command 0x041b tx timeout
[ 73.467503] Bluetooth: hci6: command 0x041b tx timeout
[ 73.468513] Bluetooth: hci3: command 0x041b tx timeout
[ 73.595611] Bluetooth: hci4: command 0x041b tx timeout
[ 74.560097] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 74.575034] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 74.580609] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 74.583221] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 74.592808] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 74.604771] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 74.613489] Bluetooth: hci5: HCI_REQ-0x0c1a
[ 74.662837] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 74.665107] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 74.669545] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 74.672335] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 74.673372] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[ 74.674560] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 74.677846] Bluetooth: hci7: HCI_REQ-0x0c1a
[ 75.387519] Bluetooth: hci0: command 0x040f tx timeout
[ 75.451462] Bluetooth: hci1: command 0x040f tx timeout
[ 75.452589] Bluetooth: hci2: command 0x040f tx timeout
[ 75.515467] Bluetooth: hci3: command 0x040f tx timeout
[ 75.515502] Bluetooth: hci6: command 0x040f tx timeout
[ 75.643460] Bluetooth: hci4: command 0x040f tx timeout
[ 76.667630] Bluetooth: hci5: command 0x0409 tx timeout
[ 76.732621] Bluetooth: hci7: command 0x0409 tx timeout
[ 77.436696] Bluetooth: hci0: command 0x0419 tx timeout
[ 77.500518] Bluetooth: hci2: command 0x0419 tx timeout
[ 77.501383] Bluetooth: hci1: command 0x0419 tx timeout
[ 77.563584] Bluetooth: hci6: command 0x0419 tx timeout
[ 77.564530] Bluetooth: hci3: command 0x0419 tx timeout
[ 77.691491] Bluetooth: hci4: command 0x0419 tx timeout
[ 78.715507] Bluetooth: hci5: command 0x041b tx timeout
[ 78.779495] Bluetooth: hci7: command 0x041b tx timeout
[ 80.763459] Bluetooth: hci5: command 0x040f tx timeout
[ 80.827520] Bluetooth: hci7: command 0x040f tx timeout
[ 81.437471] ==================================================================
[ 81.438209] BUG: KASAN: use-after-free in __lock_acquire+0x42c9/0x5e70
[ 81.438885] Read of size 8 at addr ffff88800e432528 by task kmemleak/55
[ 81.439424]
[ 81.439556] CPU: 0 PID: 55 Comm: kmemleak Not tainted 6.0.0-rc7-next-20220930 #1
[ 81.440231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 81.441425] Call Trace:
[ 81.441607] <TASK>
[ 81.441767] dump_stack_lvl+0x8b/0xb3
[ 81.442341] print_report+0x172/0x475
[ 81.442610] ? __lock_acquire+0x42c9/0x5e70
[ 81.442915] kasan_report+0xbb/0x1c0
[ 81.443189] ? __lock_acquire+0x42c9/0x5e70
[ 81.443494] __lock_acquire+0x42c9/0x5e70
[ 81.443790] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 81.444150] ? lockdep_hardirqs_on_prepare+0x410/0x410
[ 81.444520] ? finish_task_switch.isra.0+0x22d/0x8a0
[ 81.444870] lock_acquire+0x1a2/0x530
[ 81.445138] ? kmemleak_scan+0x21d/0x16d0
[ 81.445428] ? lock_release+0x750/0x750
[ 81.445706] ? lock_release+0x750/0x750
[ 81.445983] ? io_schedule_timeout+0x150/0x150
[ 81.446305] ? _raw_spin_lock_irq+0x41/0x50
[ 81.446603] _raw_spin_lock_irq+0x32/0x50
[ 81.446887] ? kmemleak_scan+0x21d/0x16d0
[ 81.447171] kmemleak_scan+0x21d/0x16d0
[ 81.447443] ? paint_ptr+0xc0/0xc0
[ 81.447694] ? __kthread_parkme+0x15a/0x220
[ 81.447993] ? kmemleak_write.cold+0x29/0x29
[ 81.448305] kmemleak_scan_thread+0x8f/0xb1
[ 81.448641] kthread+0x2ed/0x3a0
[ 81.448882] ? kthread_complete_and_exit+0x40/0x40
[ 81.449227] ret_from_fork+0x22/0x30
[ 81.449502] </TASK>
[ 81.449666]
[ 81.449785] Allocated by task 970:
[ 81.450028] kasan_save_stack+0x1e/0x40
[ 81.450303] kasan_set_track+0x21/0x30
[ 81.450578] __kasan_slab_alloc+0x58/0x70
[ 81.450869] kmem_cache_alloc+0x1a9/0x3e0
[ 81.451159] __create_object+0x3d/0xc10
[ 81.451432] kmem_cache_alloc+0x235/0x3e0
[ 81.451720] vm_area_dup+0x7f/0x230
[ 81.451985] __split_vma+0xa2/0x5d0
[ 81.452243] split_vma+0x9f/0xe0
[ 81.452498] mprotect_fixup+0x710/0x8c0
[ 81.452784] do_mprotect_pkey+0x6fb/0xa70
[ 81.453072] __x64_sys_mprotect+0x74/0xb0
[ 81.453364] do_syscall_64+0x3b/0x90
[ 81.453632] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 81.453987]
[ 81.454108] Freed by task 19:
[ 81.454328] kasan_save_stack+0x1e/0x40
[ 81.454607] kasan_set_track+0x21/0x30
[ 81.454881] kasan_save_free_info+0x2a/0x50
[ 81.455183] __kasan_slab_free+0x106/0x190
[ 81.455481] kmem_cache_free+0xf7/0x610
[ 81.455756] rcu_core+0x7e2/0x2080
[ 81.456005] __do_softirq+0x1c3/0x8f5
[ 81.456274]
[ 81.456394] Last potentially related work creation:
[ 81.456731] kasan_save_stack+0x1e/0x40
[ 81.457009] __kasan_record_aux_stack+0x95/0xb0
[ 81.457334] call_rcu+0x6a/0xa30
[ 81.457573] kmem_cache_free+0xbd/0x610
[ 81.457848] exit_mmap+0x24f/0x680
[ 81.458107] mmput+0xd1/0x390
[ 81.458335] do_exit+0xa2e/0x27f0
[ 81.458583] do_group_exit+0xd0/0x2a0
[ 81.458852] __x64_sys_exit_group+0x3a/0x50
[ 81.459183] do_syscall_64+0x3b/0x90
[ 81.459488] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 81.459882]
[ 81.460018] Second to last potentially related work creation:
[ 81.460457] kasan_save_stack+0x1e/0x40
[ 81.460780] __kasan_record_aux_stack+0x95/0xb0
[ 81.461145] call_rcu+0x6a/0xa30
[ 81.461403] kmemleak_free_percpu+0x9a/0x120
[ 81.461738] free_percpu+0x2c/0xec0
[ 81.462024] percpu_counter_destroy+0x11a/0x1c0
[ 81.462386] wb_exit+0x76/0xb0
[ 81.462637] cgwb_release_workfn+0x25d/0x3f0
[ 81.462979] process_one_work+0xa17/0x16a0
[ 81.463317] worker_thread+0x637/0x1260
[ 81.463629] kthread+0x2ed/0x3a0
[ 81.463898] ret_from_fork+0x22/0x30
[ 81.464191]
[ 81.464325] The buggy address belongs to the object at ffff88800e432510
[ 81.464325]  which belongs to the cache kmemleak_object of size 368
[ 81.465262] The buggy address is located 24 bytes inside of
[ 81.465262]  368-byte region [ffff88800e432510, ffff88800e432680)
[ 81.466117]
[ 81.466250] The buggy address belongs to the physical page:
[ 81.466687] page:000000003e452fdf refcount:1 mapcount:0 mapping:0000000000000000 index:0xffffea0000381f80 pfn:0xe432
[ 81.467564] head:000000003e452fdf order:1 compound_mapcount:0 compound_pincount:0
[ 81.468290] flags: 0x100000000010200(slab|head|node=0|zone=1)
[ 81.468892] raw: 0100000000010200 ffff888007c4f780 dead000000120012 0000000000000000
[ 81.469658] raw: ffffea0000381f80 dead000000000003 00000001ffffffff 0000000000000000
[ 81.470404] page dumped because: kasan: bad access detected
[ 81.470946]
[ 81.471111] Memory state around the buggy address:
[ 81.471591]  ffff88800e432400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 81.472288]  ffff88800e432480: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[ 81.472823] >ffff88800e432500: fc fc fa fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 81.473286]                          ^
[ 81.473587]  ffff88800e432580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 81.474051]  ffff88800e432600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 81.474513] ==================================================================
[ 81.474970] Disabling lock debugging due to kernel taint
VM DIAGNOSIS:
03:17:07 Registers:
info registers vcpu 0
RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff823bb0f1 RDI=ffffffff8765a9a0 RBP=ffffffff8765a960 RSP=ffff88800fc37608
R8 =0000000000000001 R9 =000000000000000a R10=0000000000000020 R11=0000000000000001
R12=0000000000000020 R13=ffffffff8765a960 R14=0000000000000010 R15=ffffffff823bb0e0
RIP=ffffffff823bb149 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f83b19b5260 CR3=000000001bc54000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 756e696c2d34365f 3638782f62696c2f
YMM01=0000000000000000 0000000000000000 2e6f747079726362 696c2f756e672d78
YMM02=0000000000000000 0000000000000000 00312e312e6f732e 6f74707972636269
YMM03=0000000000000000 0000000000000000 6c2f756e672d7875 6e696c2d34365f36
YMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1
RAX=0000000000000000 RBX=ffffea0000f6a980 RCX=0000000000000000 RDX=0000000000000000
RSI=ffffffff81129e3e RDI=0000777f80000000 RBP=0000000000000000 RSP=ffff888017777b88
R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000008 R11=0000000000000001
R12=ffffffff816cab40 R13=ffff888017777d08 R14=ffff888017777d10 R15=000000000000000c
RIP=ffffffff817855b7 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 0000000000000000 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007fd4d350e6f4 CR3=0000000005226000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
YMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM01=0000000000000000 0000000000000000 00007fd4d351d470 00007fd4d351cf20
YMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM03=0000000000000000 0000000000000000 756e20796d6d7564 20736e6f6974706f
YMM04=0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f
YMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM08=0000000000000000 0000000000000000 73253d656d616e6c 6165722073253d73
YMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000
YMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000